Member Panel

phil0446

Its been a long and winding road that has led me to what looks like a great forum, this is my first post so hi to all

I have webroot, norton etc running on my machine and I cannot get rid of this bloomin winfixer ad pop.

My antispyware and antivirus etc picks it up and blocks it to a point whereby most of the time the screen pops are blank, however its happening about once every 10 minutes.

It all leads to winfixer, I have been to the Symantec site and followed the regedit instruction to the letter and still the probelm exists. I have even used Hijack this and yet, yes you guessed it, the problems exists.

Can anyone help me, I would rather cut off my leg than rebuild my system from scratch, any help would be fantastic

Thanks

Phil0446

Hengis

Hi there and welcome to PC Help Forum

We have a fantastic anti-nasties team here and I am sure that one of them, probably the excellent Joe5, will be along soon to give you some more guidance with your problem.

ladygreenwitch

:cheesy: How about me Hengis, Will I do? LOL

@Phil, welcome to PCHF from me as well. Can you please follow the instruction for PreWork in my signature, posting back the ewido and HijackThis logs here?

You will want to make sure to follow the instructions exactly, and make sure that your HijackThis is the most current version.

Look forward to your reply,

TTFN

LGW

Hengis

Originally Posted by ladygreenwitch

:cheesy: How about me Hengis, Will I do? LOL

Of course, sorry me darlin'

phil0446

hello

Followed all you instructions:-

the Ewido scan took an hour (is this normal?)

As requested log files of the Ewido scan plus the latest hijackthis all in .txt format enclosed

I await with baited breath

Thanks

Phil

joe5

Howlong Ewido takes for a scan depends on youre system specs , how big youre HD is , how many files you have and how infected a pc is , but an hour is not that strange.

These can be fixed with hjt:

O2 - BHO: (no name) - {09CAEBA7-0D49-73C1-1706-5D806B71B4EA} - blank (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {6CC61831-F1DA-D505-8958-A87F641FD5BD} - blank (file missing)
O2 - BHO: (no name) - {F06D8D0B-61B7-146A-E97C-6AF39C2314E1} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: Cab1 - http://www.uviewit.com/cgi-bin/uViewIt-Web.cab
O16 - DPF: {0348CD18-6EFE-415B-AF32-58F08FA29B33} (WCSAXrview Control) - http://jogging.dyndns.org:90/wcsarview.cab
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://192.168.2.5/Ctl/WinWebPush.cab
O16 - DPF: {8FEED82A-42A6-4117-A803-7EC3EB9339E0} (ClientControl Class) - http://192.168.2.3/plugin/client.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://192.168.2.3/plugin/h263ctrl.cab
O16 - DPF: {FAF10F23-0AC1-1213-A139-0F032B2112CA} - http://uk.global-acces.com/7adpower/nat2.exe

And i also see that you have spysweeper and pestpatrol running at the same time , that can cause conflict and performence issues. Its best to use one for real time protection.

Also do you know what these entrys are from?

C:\Program Files\ornu\nslo.exe
O4 - HKCU\..\Run: [Srro] "C:\Program Files\ornu\nslo.exe" -vt ndrv

C:\Program Files\D-Link\IP surveillance\Monitor_DL.exe
O23 - Service: Smart Servellience System Launcher (NB_ST3402) - Unknown owner - C:\Program Files\Smart VS-IP Surveillance System\Launcher_NB.exe

phil0446

Hi

My HD is 160GB

I have follwed your advice and now only have spysweeper running

I will fix the file with HJT that you have highlighted

As far as the file questions you have raised:-

C:\Program Files\ornu\nslo.exe
O4 - HKCU\..\Run: [Srro] "C:\Program Files\ornu\nslo.exe" -vt ndrv

NO IDEA

C:\Program Files\D-Link\IP surveillance\Monitor_DL.exe
O23 - Service: Smart Servellience System Launcher (NB_ST3402) - Unknown owner - C:\Program Files\Smart VS-IP Surveillance System\Launcher_NB.exe

WEB CAM SOFTWARE

Thanks